propppd.conf(5) ProL2TP Manual propppd.conf(5)
NAME
propppd.conf - ProPPP configuration file
SYNOPSIS
This document describes the configuration file syntax of ProPPP.
DESCRIPTION
A configuration file is used to setup propppd. It is processed when
propppd starts up, and again if it receives a SIGHUP signal.
FILE SYNTAX
Parameters are organised in blocks, delimited by braces { }. The block
type and optional name precedes the open brace. Parameters are written
inside the braces, as a parameter name and value pair.
block-type "name" {
param1 value
param2 "string-value"
}
The following block types exist in ProPPP:
SYSTEM
Contains attributes that may be used to control the system behavior
of ProPPP, i.e. debug logging options etc. There is always one
instance of this object and it has no name.
system {
params...
}
PROFILE
Defines a named PPP profile. More than one profile may be defined,
each with a unique name.
profile "one" {
params...
}
RADIUS
Identifies parameters to be used when sending or receiving RADIUS
messages.
radius {
server "server1" {
params...
}
}
PARAMETERS
This section identifies the parameters available in each block. The
default values are suitable for most cases.
SYSTEM
log_categories
Set the log mask of individual log message categories which are
output. Messages are grouped into categories which may be individu-
ally controlled. Debug may be enabled or disabled for individual
ppp instances by management commands. Each entry in this block con-
sists of a pair of words - the category name and the log mask. The
following category names are defined:
event Log messages related to event messages generated by
propppd.
main Log messages concerned with internal application state.
mgmt Log messages related to management control API usage.
ppp Log messages related to the PPP protocol.
radius Log messages related to communication with RADIUS servers.
A log mask must be specified for each category. This is one of debug,
info, notice, warning and error. The default for all categories is
notice.
log_targets
This block specifies parameters of one or more log targets. Cur-
rently only one log target, main is defined. The main log target is
either syslog or file, set by a propppd command line option.
log_level
Set the verbosity level at which messages are output to the
log target. Values match traditional Unix syslog levels,
namely debug, info, notice, warning, error. Default is info.
PROFILE
A profile block defines named ppp parameter sets which are combined
with user-supplied create arguments when establishing new ppp sessions.
When ppp instances are created, a profile argument tells propppd to
lookup the named profile and substitute the arguments contained in that
profile into the create arguments. A special profile named "default" is
used if no profile name is given. This may be useful by the administra-
tor to set default ppp options.
arg1 arg2 ... argN
Profile parameters are specified as whitespace-separated words
in the same form as propppctl create arguments. See propp-
pctl(1)
RADIUS
The radius block defines parameters for communicating with one or more
RADIUS servers.
SERVER name
The server block contains parameters for communicating with a
named RADIUS server. Multiple servers can be defined.
server_address address
Specifies the IP address of the RADIUS server.
auth_port number
The port number used for RADIUS auth requests sent to
this server. If set to 0, no auth requests are sent to
this server. The default is 1812.
acct_port number
The port number used for RADIUS accounting requests sent
to this server. If set to 0, no accounting requests are
sent to this server. The default is 1813.
secret quoted-string
The secret used by the RADIUS server for authenticating
requests. This must match the secret configured in the
RADIUS server.
timeout number
Sets the number of seconds to wait for a response before
retransmitting a RADIUS packet. Default is 1.
max_retries number
Sets how many times to retransmit a RADIUS request
before giving up. The default is 3.
dead_time number
Sets the number of seconds to treat a server as unreach-
able if it did not respond to max_retries attempts with
a previous request before attempting to use it again for
new requests. This is only useful if more than one
server is used. Default 60s.
EXAMPLES
system {
log_categories {
mgmt debug
event info
radius debug
}
log_targets {
main {
log_level debug
}
}
}
profile "default" {
lcp-echo-interval 30
}
radius {
server "local" {
server_address 127.0.0.1
auth_port 1812
acct_port 0
secret "testing123"
timeout 1
max_retries 4
dead_time 60
}
server "s1" {
server_address 192.168.1.42
auth_port 1812
acct_port 1813
secret "mysupersecret"
timeout 1
max_retries 5
dead_time 120
}
}
SEE ALSO
propppd(8), propppctl(1), propppwatch(1)
ProL2TP 2.4.1 April 2023 propppd.conf(5)